Moderate severityNVD Advisory· Published May 27, 2023· Updated Jan 14, 2025
Invalid push request payload crashes Parse Server
CVE-2023-32688
Description
parse-server-push-adapter is the official Push Notification adapter for Parse Server. The Parse Server Push Adapter can crash Parse Server due to an invalid push notification payload. This issue has been patched in version 4.1.3.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
parse-server-push-adapternpm | < 4.1.3 | 4.1.3 |
Affected products
2- Range: < 4.1.3
Patches
Vulnerability mechanics
Generated on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.
References
6- github.com/advisories/GHSA-mxhg-rvwx-x993ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2023-32688ghsaADVISORY
- github.com/parse-community/parse-server-push-adapter/commit/598cb84d0866b7c5850ca96af920e8cb5ba243ecghsaWEB
- github.com/parse-community/parse-server-push-adapter/pull/217ghsax_refsource_MISCWEB
- github.com/parse-community/parse-server-push-adapter/releases/tag/4.1.3ghsax_refsource_MISCWEB
- github.com/parse-community/parse-server-push-adapter/security/advisories/GHSA-mxhg-rvwx-x993ghsax_refsource_CONFIRMWEB
News mentions
0No linked articles in our index yet.